Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PEQS5zbFhSbVLUQQ4_XHSh4wx-k.roa
File: PEQS5zbFhSbVLUQQ4_XHSh4wx-k.roa (raw, json)
Hash identifier: LXTNKpjQHS4s7FZCaa27PMEXWarEEYo1IdW3gHI7FkU=
Subject key identifier: 3C:44:12:E7:36:C5:85:26:D5:2D:44:10:E3:F5:C7:4A:1E:30:C7:E9
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018E826C6433B4061C17C71E8570BAC9913A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PEQS5zbFhSbVLUQQ4_XHSh4wx-k.roa
Signing time: Thu 28 Mar 2024 00:18:45 +0000
ROA not before: Thu 28 Mar 2024 00:18:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211063
IP address blocks: 2a0e:97c0:480::/44 maxlen: 48
2a0e:97c0:480::/48 maxlen: 48
2a0e:97c0:481::/48 maxlen: 48
2a0e:97c0:482::/48 maxlen: 48
2a0e:97c0:483::/48 maxlen: 48
2a0e:97c0:484::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 28 Mar 2024 17:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:82:6c:64:33:b4:06:1c:17:c7:1e:85:70:ba:c9:91:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 28 00:18:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c4412e736c58526d52d4410e3f5c74a1e30c7e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d7:2e:f4:e4:35:52:70:68:4d:28:98:b3:59:
42:43:8e:39:80:37:09:3a:b6:c9:e9:9c:3e:96:4c:
22:45:42:42:fa:ba:33:7d:a0:bf:f1:21:ca:3d:e1:
bf:8a:b2:de:cf:d3:aa:d9:e4:37:ae:2f:fa:37:16:
66:bb:e9:7a:0c:5b:b4:84:83:94:cf:dd:57:8f:50:
74:d3:a8:31:50:0b:ed:e7:b0:62:5b:dd:16:8c:c2:
d4:c2:8d:96:c5:0f:dc:7f:34:5a:0a:93:21:bb:87:
84:cd:fa:cb:a7:f3:08:7a:60:62:9c:6a:50:e0:f7:
2e:7c:42:bd:41:9f:41:ed:ba:3a:2e:78:4c:f6:2b:
f9:f1:b9:2d:69:59:61:b0:e3:a1:81:3e:f6:5f:e4:
2b:1e:9a:a1:ff:d7:a5:ff:1d:8e:74:15:70:6d:ac:
df:f6:69:a9:42:b0:5b:e4:c4:d5:46:95:20:e3:44:
73:83:15:31:55:98:57:cb:8b:0b:5f:b9:b2:9d:c9:
ba:47:88:f0:29:02:6f:b1:07:61:7c:b3:b1:f1:6a:
f5:cd:ea:ed:f0:97:ee:82:2a:48:7e:72:2d:52:00:
6e:17:fa:31:39:e7:7e:ad:54:2e:f9:d7:6f:9d:ef:
2c:ba:0d:50:31:40:35:6a:9c:7c:59:8e:72:86:7e:
d2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:44:12:E7:36:C5:85:26:D5:2D:44:10:E3:F5:C7:4A:1E:30:C7:E9
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PEQS5zbFhSbVLUQQ4_XHSh4wx-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:480::/44
Signature Algorithm: sha256WithRSAEncryption
59:6c:9f:1e:4e:2b:cb:33:c1:29:e2:5e:d0:18:95:5b:b1:b2:
4d:ad:eb:a3:c2:f2:24:96:76:ff:48:f2:af:cd:1f:6b:66:9e:
49:4f:ec:2b:27:b7:ff:ae:af:b0:24:5d:34:74:3d:14:b2:28:
29:3a:cb:86:25:9e:e9:7f:60:39:8e:ca:8f:fc:f8:2f:32:14:
8b:1a:5b:e4:91:eb:74:66:57:49:bd:ae:1a:8b:65:43:48:3c:
af:b8:5a:59:03:67:69:77:d2:08:87:cc:f6:de:a7:fe:4a:1b:
5c:3b:ae:91:9c:ab:fb:c3:44:f9:2c:5a:9e:dc:db:7b:04:c0:
45:ec:52:46:b1:4a:9a:78:79:13:54:d4:e3:0d:f9:04:9e:44:
a8:a5:99:86:a1:a8:d0:66:b3:d5:c8:0e:50:15:47:e1:a8:9e:
03:ad:4b:65:50:01:60:0b:81:01:4e:c8:07:06:d0:8d:ba:af:
7f:2a:01:bb:87:65:7e:cc:57:2e:6f:f9:29:b2:4e:45:9c:54:
1d:0b:c5:7b:38:f3:ef:1c:35:cd:3d:84:43:32:02:48:68:f7:
d5:98:d5:8e:47:4d:da:a5:e2:5f:1c:f8:29:60:63:07:1a:58:
78:06:b6:eb:b2:1f:60:43:62:64:d1:6e:2a:2b:50:fa:2c:03:
bd:19:30:be
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY6CbGQztAYcF8cehXC6yZE6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMzI4MDAxODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzQ0MTJlNzM2YzU4NTI2ZDUyZDQ0MTBlM2Y1Yzc0YTFlMzBjN2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9cu9OQ1UnBoTSiYs1lCQ445gDcJ
OrbJ6Zw+lkwiRUJC+rozfaC/8SHKPeG/irLez9Oq2eQ3ri/6NxZmu+l6DFu0hIOU
z91Xj1B006gxUAvt57BiW90WjMLUwo2WxQ/cfzRaCpMhu4eEzfrLp/MIemBinGpQ
4PcufEK9QZ9B7bo6LnhM9iv58bktaVlhsOOhgT72X+QrHpqh/9el/x2OdBVwbazf
9mmpQrBb5MTVRpUg40RzgxUxVZhXy4sLX7myncm6R4jwKQJvsQdhfLOx8Wr1zert
8JfugipIfnItUgBuF/oxOed+rVQu+ddvne8sug1QMUA1apx8WY5yhn7SIwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDxEEuc2xYUm1S1EEOP1x0oeMMfpMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUEVRUzV6YkZoU2JWTFVRUTRfWEhTaDR3eC1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwASA
MA0GCSqGSIb3DQEBCwUAA4IBAQBZbJ8eTivLM8Ep4l7QGJVbsbJNreujwvIklnb/
SPKvzR9rZp5JT+wrJ7f/rq+wJF00dD0UsigpOsuGJZ7pf2A5jsqP/PgvMhSLGlvk
ket0ZldJva4ai2VDSDyvuFpZA2dpd9IIh8z23qf+ShtcO66RnKv7w0T5LFqe3Nt7
BMBF7FJGsUqaeHkTVNTjDfkEnkSopZmGoajQZrPVyA5QFUfhqJ4DrUtlUAFgC4EB
TsgHBtCNuq9/KgG7h2V+zFcub/kpsk5FnFQdC8V7OPPvHDXNPYRDMgJIaPfVmNWO
R03apeJfHPgpYGMHGlh4Brbrsh9gQ2Jk0W4qK1D6LAO9GTC+
-----END CERTIFICATE-----
Generated at Thu Mar 28 20:49:18 2024 by rpki-client on console-ams.rpki-client.org